Documentos de Académico
Documentos de Profesional
Documentos de Cultura
E-Mail Wiretaps:
eBlastser software can provide e-mail updates of a persons online
activity if installed on their computer
FBIs
Carnivore, DragonWare suite, Packeteer, Coolminer
Government was being challenged for invading privacy,
but then came
Sept. 11th
House and Senate have both approved bills giving the govt. broad
powers of surveillance
U.S. Constitution
The right to privacy is not expressly stated in the
Constitution or the Amendments, but the
Supreme Court has interpreted some of the
amendments to mean that there exists a
penumbral or implied right of privacy under the
U.S. Constitution
Supreme Court found the right of privacy implied
in these Amendments:
Ninth
Fourth
Fifth
(c) 2004 West Legal S
Ninth Amendment
This enumeration shall not be construed
to deny other rights retained by the
people
So, there must be other rights and privacy
could be another right not mentioned in
the Amendments.
Fourth Amendment
right of the people to be secure in their persons,
houses, papers, and effects.
Griswold v. Connecticut (1965)
established zones of privacy or areas or locations where
privacy is reasonably expected
Fifth Amendment
No person shall be compelled to be a witness
against himself
Corporations do not have this protection
Doe v. U.S. (1988) individual has to surrender the key
to a strongbox containing incriminating documents,
but does not have to reveal the combination to his
wall safe
Does this mean that a person could not be forced to
give up his encryption code or his password?
Fourteenth Amendment
Gives the individual the same protection
against all state governments in the same
way the individual is protected against the
federal government invasion of privacy
State Constitutions
Usually states copy the 4th Amendment and give
an implied protection to the individual from
government invasion of privacy
But many state constitutions go further and protect
the individuals privacy from the government in other
specific areas:
medical records, wiretapping, insurance, school records,
credit and banking information, privileged communications
between attorney and client
10
11
12
13
14
15
16
Federal Statutes
There are many federal statutes that have
been introduced to protect privacy
17
18
19
20
21
22
23
24
25
26
27
GLB Act
Financial institution to provide notice to customers about its
privacy policies and practices
Describes the conditions under which a financial institution
may disclose nonpublic personal information about consumers
to nonaffiliated third parties
Provides a method for consumers to prevent a financial
institution from disclosing that information to most
nonaffiliated third parties by Opting Out of that disclosure
Must tell exceptions when consumer cannot opt out
28
29
30
GLB continued.Duty to
Consumers:
Provide a short-form notice about the availability of
the privacy policy if the financial institution shares
information outside the permitted exceptions.
Provide an opt-out notice prior to sharing info
Give Consumers reasonable opportunity to opt out
Honor opt-out
If you change your privacy policy provide new
notice
31
32
33
34
Pretexting
FTC v. Information Search, Inc.,
Settlements from three information brokers who
the FTC alleged used deceptive practices called
pretexting_ to obtain consumers confidential
financial information
Used false pretenses, fraudulent statements, and
impersonation to illegally gain access to information
such as bank balances and then offered info for sale.
35
36
37
Requirements of COPPA
Who:
Anyone whose website is directed at kids.
FTC will look at subject matter, visual or audio content, age of models,
language used, advertising and promotions featured, use of animated
characters or child-oriented activities and incentives, evidence of sites
intended audience and actual audience composition
38
Exception to COPPA:
Safe-harbor of presumptive compliance for
those following an FTC-approved system or
protocol
http://www.ftc.gov//privacy/safeharbor/shp.ht
m
39
Litigation
U.S. v. The Ohio Art Co., ( Etch-A Sketch)
Company failed to provide notice or get consent from
parents, collecting more info than necessary
40
41
42
43
ECPA: Title I:
Communications which are protected from
interception include transmission by radio
paging, cellular phones, computer generated
transmissions, and e-mail
McVeigh v. Cohen: AOL violated ECPA by
revealing to Navy that his e-mail which
showed he was gay
(c) 2004 West Legal S
44
45
ECPA: ISPs
Doing maintenance
U.S. v. Mullins (American Airlines was service
provider for travel agent)
46
47
48
49
50
51
is carried or stored
52
Litigation
Supnick V. Amazon.com, Inc. and Alexa Internet
Alleged that Alexa, whose software program monitors
surfing habits and then suggests related Web pages, stored
and transmitted this information to third parties (including
Amazon) without informing users of the practice or
obtaining users consent in violation of the ECPA and
common law invasion of privacy.
Court approved a settlement agreement: Alexa must:
Delete four digits of the IP addresses in its databases, add privacy
policy to Weg site, require customers to op-in to having their data
collected before they can be permitted to download Alexa software,
pay up to $40 to each customer whose data is found in Alexas
database.
53
54
55
56
Spamming
Federal Law none to regulate
FTC has regulated telephone solicitation but has
left regulation of spamming to the computer
industry
57
58
FTC
Has not endorsed regulation of spam on the federal level
Has charged spammers in the collection of data with
unfair and deceptive trade practices and
Violation of the GLB Act
59
Doubleclick Case
Decided in favor of Doubleclick: they were only doing what they
had said in their privacy policy, so OK.
60
61
62
63
64
65
Spamming
State law use common law trespass
66
Workplace Privacy
Governmental employer: OConnor v. Ortega
Balance right of employee to privacy against employers
needs for supervision, control and the efficient operation of
the workplace
Private employer
Use same balancing test
67
68
Global Issues
European Unions Directive on Privacy Protection
1998
Requires member states of EU to adopt legislation that
seeks to protect the individuals privacy as it relates to the
processing and collection of personal data
Also applies to non-member states doing business with
member states = U.S. to do the following:
69
70
Article 25
Prohibits the export of personal data to
nonmember countries that do not have laws
that adequately protect personal data
U.S. has Safe Harbors now
See
http://europa.eu.int/comm/internal_market
/en/dataprot/news/o2-196_en.pd
.
EU issued standard contractual clauses
(c) 2004 West Legal S
71
Australia
Canada
Russia
72